package com.zgm.ch05.aop.before._3_5_3;

import java.lang.reflect.Method;

import org.springframework.aop.MethodBeforeAdvice;

public class SecurityAdvice implements MethodBeforeAdvice {

	private SecurityManager securityManager;
	
	public SecurityAdvice(){
		this.securityManager = new SecurityManager();
	}
	
	public void before(Method method, Object[] args, Object target){
		UserInfo user = securityManager.getLoggedOnUser();
		
		if(user == null){
			System.out.println("没有用户被授权！");
			throw new SecurityException("在访问这个方法("  + method.getName() + ")前你必须先登录！");
		} else if ("zgm".equals(user.getUsername())){
			System.out.println("zgm 已经登录");
		} else {
			System.out.println("登录的用户是：" + user.getUsername() + ", 此用户没用权限！");
			throw new SecurityException("用户" + user.getUsername() + "没有权限访问！");
			
		}
	}
}
